[Webkit-unassigned] [Bug 228116] New: REGRESSION (r278877) [Cocoa] WebAuthn stopped working for non-Safari browsers

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Jul 20 11:45:52 PDT 2021 

https://bugs.webkit.org/show_bug.cgi?id=228116

            Bug ID: 228116
           Summary: REGRESSION (r278877) [Cocoa] WebAuthn stopped working
                    for non-Safari browsers
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: bfulgham at webkit.org

WebAuthn: webauthn.me/debugger & webauthn.io doesn't load/work in default browsers (Chrome & Firefox)

The standard iOS App Sandbox doesn’t allow us to use the API:

(1) Sandbox Violation:   deny(1) process-codesigning-status-get others [com.apple.WebKit(14180)]
Process:         Chrome [14153]

Thread 0 (id: 2724455, CrWebMain):
0   libsystem_kernel.dylib              0x00000001b816a7f4 csops_audittoken + 8
1   Security                            0x0000000189b38f6c SecTaskLoadEntitlements + 348
2   Security                            0x0000000189b392dc SecTaskCopyValueForEntitlement + 76
3   JavaScriptCore                      0x000000018d31ae3c WTF::hasEntitlementValue(audit_token_t, char const*, char const*) + 124

(2) Sandbox Violation:   deny(1) process-codesigning-entitlements-der-blob-get others [com.apple.WebKit(14180)]
Process:         Chrome [14153]

Thread 0 (id: 2724455, CrWebMain):
0   libsystem_kernel.dylib              0x00000001b816a7f4 csops_audittoken + 8
1   Security                            0x0000000189b38e64 SecTaskLoadEntitlements + 84
2   Security                            0x0000000189b392dc SecTaskCopyValueForEntitlement + 76
3   JavaScriptCore                      0x000000018d31ae3c WTF::hasEntitlementValue(audit_token_t, char const*, char const*) + 124

(3) Sandbox Violation:   deny(1) sysctl-read kern.proc.pid.14158
Process:         Chrome [14153]

Thread 0 (id: 2724455, CrWebMain):
0   libsystem_kernel.dylib              0x00000001b816ab98 __sysctl + 8
1   Security                            0x0000000189b3f47c SecTaskCopyDebugDescription + 180
2   Security                            0x0000000189b38ff4 SecTaskLoadEntitlements + 484
3   Security                            0x0000000189b392dc SecTaskCopyValueForEntitlement + 76
4   JavaScriptCore                      0x000000018d31ae3c WTF::hasEntitlementValue(audit_token_t, char const*, char const*) + 124

One or more of these failures prevent the PAC key from being read, so the process rejects the message.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210720/2e66474a/attachment.htm>

More information about the webkit-unassigned mailing list